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IN THE UNITED STATES PATENT AND TRADEMARK OFFICE 



In re Application of: Michael C. G. Lee 
Serial No, 09/671,250 



Examiner Ho, Thomas M. 
Art Unit: 2134 



Filed: 9/28/2000 

For: FIREWALL FOR REAL-TIME INTERNET APPLICATIONS 

Mail Stop Appeal Brief - Patents 
Commissioner for Patents 
PO Box 1450 

Alexandria, VA 22313-1450 



The present APPEAL BRIEF is filed pursuant to 37 CF.R* § 41 .37. Appellant encloses 
a credit card form authorizing payment in the amount of $500.00 as required by 37 CJF.R. § 
1.17(c). If any additional fees are required in association with this appeal brief, the Director is 
hereby authorized to charge them to Deposit Account 50-1732, and consider this a petition 
therefor. 



(1) REAL PARTY IN INTEREST 

The real party in interest is the assignee of record, i.e„ Nortel Networks Limited of 2351 
Boulevard Alfred-Nobel, St. Laurent, Quebec Canada H4S 2A9, which is wholly owned by 
Nortel Networks Corporation, a Canadian corporation. 

(2) RELATED APPEALS AND INTERFERENCES 

There are no related appeals or interferences to the best of Appellant's knowledge. 

(3) STATUS OF CLAIMS 

Claims 1-21 are pending and rejected, with the rejection made final January 27, 2005. 
Claims 1-21 form the basis of this appeal. 



Sir: 



APPEAL BRIEF 



87/28/2885 HBINAS 88388822 89671258 



(4) STATUS OF AMENDMENTS gl ^ 

AU amendments have been entered to the best of Appellant's knowledge. 
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(5) SUMMARY OF CLAIMED SUBJECT MATTER 

The present invention is a firewall (100) that helps a first network (110) intemperate with 
a second network (120). The claims are directed to the firewall (100), the method formed by the 
activities of the firewall, and the computer software that operates on the firewall. It is presumed 
that the two systems are both packet based systems and use some variation of the OSI protocol 
stack model, such as a TCP/IP stack- The firewall 100 receives a stream of packets and filters 
them according to the present invention. The firewall (100) of the present invention is actually 
two firewalls in one. The first firewall is a packet filter (106) that operates on the bearer channel 
of a communication system. The bearer channel usually handles the voice part of a Voice over 
IP (VoIP) phone call, and thus all the packets associated with the bearer channel are filtered by 
the packet filter (106) in the first firewall. The second firewall is an application proxy (102) that 
operates on the signaling channel (or control channel) part of the VoIP call. Each VoIP phone 
call has a signaling channel that is responsible for call set up, call take down, and other similar 
signaling functions. The present invention applies the application proxy (102) firewall to the 
signaling channel at all stages of the call. When the two firewalls (102, 106) are combined and 
operate together, the parts of the call that are sensitive to attack (Le„ the signaling channel) are 
subjected to the greatest firewall scrutiny while the parts of the call that are sensitive to delays 
(Le., the bearer channel) are processed by the relatively fast packet filter (106). 

(6) GROUNDS OF REJECTION TO BE REVIEWED ON APPEAL 

A) Whether claims 1, 2, 4-6, 10-13, 17, and 18 are anticipated under 35 U.S.C § 102(e) 
by Baum et aL 

B) Whether claims 3, 7-9, 14-16, and 19-21 are unpatentable under 35 U.S.C § 103 over 
Baum et al. 

(7) ARGUMENT 

A. Introduction 

Baum et al. does not teach or suggest all the claim elements recited in the claims arranged 
in the manner claimed. Furthermore, the elements that the Patent Office equates to Appellant's 
claim elements do not perform the functions recited in the claims. Still further, the Patent Office 
has not satisfied its procedural and evidentiary requirements to modify or combine references. 
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Each of these failures provides an independent reason why the claims are allowable. For these 
reasons, Appellant requests that the Board reverse the Examiner and instruct the Examiner to 
allow the claims, 

B, Summary of Reference 

1. U,S, Patent No- 6,400,707 to Baum et aL 

U.S. Patent No. 6,400,707 to Baum et al. (hereinafter "Baum") discloses a firewall 338 
that has a filter 340, a packet switch 342, and a control processor 344. When the filter 340 
receives a call set up message (i.e., a signaling message), the filter 340 duplicates the call set up 
message, passes the original data stream to a gateway 320, and passes the replicated stream to the 
control processor 344 (Baum, col. 6, lines 24-32). The control processor 344 evaluates the call 
set up message and customizes the filter 340 for that call (Baum, coL 7, lines 42-46). Baum also 
discusses why an application proxy is not a good firewall solution in his background section 
(Baum, col 2, lines 28-35). The application proxy of the background is never interrelated to the 
other elements of Baum' s system, 

C Standards 

1. Anticipation 

Section 102 of the Patent Act provides the statutory basis for an anticipation rejection and 
states inter alia: 

A person shall be entitled to a patent unless 
*** 

(e) the invention was described in - (I) an application for patent, published 
under section 122(b), by another filed in the United States before the 
invention by the applicant for patent or (2) a patent granted on an 
application for patent by another filed in the United States before the 
invention by the applicant for patent, except that an international 
application filed under the treaty defined in section 351(a) shall have the 
effects for the purposes of this subsection of an application filed in the 
United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English 
language 

The Federal Circuit's test for anticipation has been set forth numerous times. "It is 
axiomatic that for prior art to anticipate under 102 it has to meet every element of the claimed 
invention." Hybritech Inc. v. Monoclonal Antibodies, Inc., 802 F.2d 1367, 1379 (Fbd. Cir. 
1986). This standard has been reinforced- "To anticipate a claim, a reference must disclose 
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every element of the challenged claim and enable one skilled in the art to make the anticipating 
subject matter." PPG Indus. Inc. v. Guardian Indus. Corp., 75 F-3d 1558, 1577 (Fed. Or. 1996) 
(citations omitted). Further, "a finding of anticipation requires that the publication describe all of 
the elements of the claims, arranged as in the patented device ," CJ?. Bard Inc. v. M3 Sys. Inc., 
157 R3d 1340, 1349 (Fed. Cir. 1998) (emphasis added and citations omitted). 
2. Obviousness 

a. The Statute 

Section 103(a) of the Patent Act provides the statutory basis for an obviousness rejection 
and reads as follows: 

A patent may not be obtained though the invention is not identically disclosed or 
described as set forth in section 102 of this title, if the differences between the 
subject matter sought to be patented and the prior art are such that the subject 
matter as a whole would have been obvious at the time the invention was made to 
a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was 
made. 

b. The Interpretation of 35 U.S.C. § 103(a) 

Courts have interpreted 35 U.S.C. § 103(a) as a question of law based on underlying 
facts. As the Federal Circuit stated: 

Obviousness is ultimately a determination of law based on underlying 
determinations of fact. These underlying factual determinations include: (1) the 
scope and content of the prior art; (2) the level of ordinary skill in the art; (3) the 
differences between the claimed invention and the prior art; and (4) the extent of 
any proffered objective indicia of nonobviousness. 

Monarch Knitting Mach. Corp. v. SulzerMorat GmBH, 45 USPQ2d 1977, 1981 (Fed Cir. 1998) 
(internal citations omitted). The crux of the current inquiry is the content of the prior ait, and 
particularly whether there is a suggestion in the art to combine references. 

c. There Must be a Factually Supported Motivation to Combine the 
References 

It is well recognized that almost every invention is a combination of elements from the 
prior art. Ryko Mfg. Co. v. Nu-Star, Inc., 950 F.2d 714, 718 (Fed. Cir. 1991). What makes an 
invention patentable is that it would not have been obvious to one of ordinary skill in the art to 
combine the references in the manner claimed. The Federal Circuit has cautioned that the 
references may not be gathered with the claimed invention in mind. Pentec, Inc. v T Allen, 776 
F.2d 309, 313 (Fed. Cin 1985). To help avoid the insidious call of hindsight reconstruction, the 
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Federal Circuit has mandated that when the Patent Office proposes combining or modifying 

references, the Patent Office must articulate some reason why the combination or modification is 

desirable. Furthermore, this reason must be supported by actual evidence. In re Dembiczak, 175 

F.3d 994, 999 (Fed.Cir. 1999); see also In re Lee, 277 R3d 1338, 1343-44 (Fed. Cir. 2002). 

'That knowledge may have been within the province of the ordinary artisan does not in and of 

itself make it so, absent clear and convincing evidence of such knowledge." Smiths Indus. 

Medical Sys., Inc. v. Vital Signs, Inc., 183 F3d 1347 (Fed. Cir. 1999), Put another way, merely 

because a combination is possible, the combination is not necessarily obvious. The Federal 

Circuit acknowledges that the range of sources from which the motivation may come is broad, 

but emphasizes that the range of sources available does not diminish the requirement for actual 

evidence. In re Dembiczak at 999. Here, the Patent Office has not advanced proper motivations 

to combine Baum and the elements for which Official Notice is taken. 

d. Each Element of the Claim Must be Taught or Suggested by the 
Combination 

Once the references are properly modified or combined, the combination must teach or 
suggest every clement recited in the claims to establish prima facie obviousness. In re Royka, 
490 R2d 981 (C.C.P.A. 1974); MPEP § 2143.03. An element may be suggested explicitly or 
implicitly. In re Dembiczak at 999 (Fed. Cir. 1999). The Patent Office must provide particular 
findings with regard to a suggested showing. Broad conclusory statements standing alone are 
not sufficient. Id. "If the PTO fails to meet this burden, then the Appellant is entitled to the 
patent," In re Glaug, 283 F.3d 1335, 1338 (Fed. Cir. 2002). The Patent Office's combination 
does not show the application proxy of the invention. 

D. Argument 

35 U.S.C- § 102(e) 

1. Baum Does Not Anticipate Claims 1, 2, 4-6, 10-13, 17, and IS 

Anticipation is a rigorous standard and one which the Patent Office has not satisfied. In 
particular, the independent claims recite an application proxy. While the claim sets based on the 
independent claims differ slightly from one another, claim 1 is illustrative and recites a tfc fiicwalL 

. .comprising: an application proxy and a packet filter " The Patent Office does not directly 

identify where in Baum the application proxy is found 1 Appellant argued that Baum did not 

1 See page 5, line 1 of the Office Action of January 27, 2005, which has no citation to any portion of Baum after the 
recitation of an application server. 
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show a proxy application in Appellant's first Response filed July 2, 2004. In the Response to 
Arguments section of the Office Action of January 27 7 2005, the Patent Office does note that 
Baum, coL 2 F lines 28-35 discloses an application proxy. 2 However, the citation to Baum, col. 2, 
lines 28-35 is not proper in an anticipation analysis. Specifically, as noted above, for 
anticipation, the elements of the reference must be arranged as claimed. Baum, col. 2, lines 28- 
35 is in Baum's background section, and is never interrelated to the system described in Baum's 
detailed description. Since the application proxy of Baum, col. 2, lines 28-35 is not interrelated 
to the other elements of Baum's system, and is particularly not interrelated to Baum's filter 340, 
Baum's elements are not arranged as claimed. Since Baum's elements arc not arranged as 
claimed, Baum cannot anticipate exemplary claim 1. Since Baum cannot anticipate exemplary 
claim 1, Baum does not anticipate any of the claims in this group. Appellant requests that the 
Board reverse the Examiner and instruct the Examiner to allow the claims on this basis. 

Appellant also addresses an alternative reading of Baum. This reading was argued in 
Appellant's responses filed July 2, 2004 and March 24, 2005. While the Patent Office has not 
specifically endorsed Appellant's interpretation of the Patent Office's argument, Appellant 
believes this alternative reading is the real basis of the Patent Office's rejection in light of the 
citations provided by the Patent Office in its analysis of claim 1. Specifically, it appears that the 
Patent Office is interpreting the control processor 344 of Baum as equivalent to Appellant's 
application proxy. However, this interpretation does not establish anticipation because the 
control processor 344 of Baum does not have the claimed functionality. Specifically, claim 1 
recites "applying the Internet protocol packets associated with the signaling channel and the 
control channel to the application proxy. . . " Important to note in this language is that the 
language does not say "applying some of the packets to the application proxy", rather the 
language clearly indicates that the Internet protocol packets associated with the signaling channel 
and the control channel are applied to the application proxy. Not some, but all. In contrast, 
Baum's control processor 344 drops out of the call and does not process the call take down or 
other signaling channel or control channel packets, as recited in the claim. To this extent, 
Baum's control processor 344 is not an application proxy, nor does Baum's control processor 
344 perform the recited function of the application proxy. Since Baum's control processor 344 is 
not Appellant's application proxy and does not perform the recited function of Appellant's 

2 Office Action of January 27, 2005, page 3, lines 7-10. 
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application proxy, Baum does not show a claim element. Since Baum does not show a claim 
element, Baum cannot anticipate the claim. Since Baum cannot anticipate the claim, the Patent 
Office's anticipation rejection based on Baum is improper. If the Patent Office maintains that 
Baum's control processor 344 is the same as Appellant's application proxy, Appellant requests 
that the Board reverse this finding and instruct the Examiner to allow the claims on this basis. 

Appellant notes a further problem in the Patent Office's interpretation of Baum. 
Appellant's claims require that the packets associated with the control channels be applied to the 
application proxy. The Patent Office states et the control channels to the application proxy are the 
channels of data sent by the control processor, including the RS232 messages to reconfigure the 

packet filter " 3 The quoted language from the Office Action indicates that the Patent Office 

may believe that the packet filter is the application proxy. Specifically, the Patent Office states 
that channels of data including the RS232 messages are the control channels. To comply with 
the claim language, the element to which the RS232 messages are applied must be the 
application proxy. That is, since the claim recites that the packets associated with the control 
channel are applied to the application proxy, if the channels of data including the RS232 
messages are the control channels, then to comply with the claim language, the element to which 
these RS232 messages are applied must be the application proxy. The Patent Office then 
identifies the packet filter as the element to which the RS232 messages are applied. Thus, the 
Patent Office is effectively stating that the packet filter is the application proxy. Such a 
statement is demonstrably false and vitiates the Patent Office's statement that filter 340 is the 
packet filter of the claim. That is, in an anticipation rejection, the Patent Office cannot state that 
the filter 340 is both the packet filter of the claim and the application proxy of the claim. If the 
Patent Office maintains this position, then the elements of the reference are not arranged as 
claimed, and the claim is not anticipated. If this interpretation of Baum is the basis for the 
rejection, Appellant requests that the Board reverse the Examiner and instruct the Examiner to 
allow the claims on this basis. 
35 § 103 

2. The Rejection of Claim 3 is Improper 

Claim 3 was rejected under 35 U.S.C. § 103 as being unpatentable over Baum and 
Official Notice. In particular, the Patent Office alleges that real-time fax applications over the 

3 Office Action of January 27, 2005, page 5, lines 7-9. 
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internet are well known to those in the art. Assuming, arguendo^ that this assertion is correct, the 
Patent Office still has not provided any evidence to support the motivation to combine Baum and 
the asserted feet of the Official Notice. Specifically, the Patent Office asserts that it would have 
been obvious to one of ordinary skill in the art to have a firewall also filter faxes through the 
internet, to apply the same security measure to internet fax transmissions as one would with other 
kinds of internet transmissions. 4 While this statement is an interesting observation, the Federal 
Circuit requires more. Specifically, the Patent Office is required to support articulated 
motivations to combine references (such as Baum and the asserted fact of the Official Notice) 
with actual evidence. The range of sources that may be used is broad, but that does not diminish 
the requirement for actual evidence. In re Dembiczpk* Since the Patent Office has not supported 
the asserted motivation with actual evidence, the motivation is improper. Since the motivation to 
combine Baum and the asserted fact of the Official Notice is improper, the combination is 
improper. Since the combination is improper, the rejection of claim 3 is improper. Appellant 
requests that the Board reverse the Examiner and instruct the Examiner to allow claim 3 on this 
basis. On this issue, claim 3 stands alone. 

Claim 3 is also allowable for the reasons discussed in the § 102 rejection. Specifically, 
Baum does not teach or suggest the application proxy of the underlying independent claim. On 
that issue, claim 3 stands or falls with claim 1. 

3. The Rejection of Claims 7, 14, and 19 is Improper 

Claims 7, 14, and 19 were rejected under 35 U.S.C. § 103 as being unpatentable over 
Baum and Official Notice. In particular, the Patent Office alleges that network address 
translation (NAT) processes are well known to those in the art, and supports this assertion with a 
citation to four patents. 5 Assuming, arguendo* that this assertion is correct, the Patent Office still 
has not provided any evidence to support the motivation to combine a NAT process into Baum. 
Specifically, the Patent Office asserts that it would have been obvious to one of ordinary skill in 
the art to apply a Network Address Translation policy to translate any Internet Protocol (IP) 
addresses, Transmission Control Protocol (TCP) port numbers, or User Datagram Protocol 
(UDP) port numbers contained at layer 3 and layer 4, to allow IP packets received from the 
outside to reach their destination, specifically by the proper ports and addresses on the internal 



4 Office Action of January 27, 2005, page 9, Unes 5-8. 

5 Office Action of January 27, 2005, page 10, lines 4-8. 
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network guarded by the firewall. WhiJe this statement is an interesting observation, the Federal 
Circuit requires more. Specifically, the Patent Office is required to support articulated 
motivations to combine references with actual evidence. The range of sources that may be used 
is broad, but that does not diminish the requirement for actual evidence. In re Dembiczak. Since 
the Patent Office has not supported the asserted motivation with actual evidence, the motivation 
is improper- Since the motivation to combine Baum and the NAT process is improper, the 
combination is improper. Since the combination is improper the rejection of claims 7, 14, and 
19 is improper. Appellant requests that the Board reverse the Examiner and instruct the 
Examiner to allow claims 7, 14, and 19 on this basis. While this issue raises the same questions 
as the issue surrounding claim 3, the motivation is different, and thus, on this issue, claims 7, 14, 
and 19 stand or fall separately from claim 3. 

Claims 7, 14, and 19 are also allowable for the reasons discussed in the § 102 rejection. 
Specifically, Baum does not teach or suggest the application proxy of the underlying independent 
claim. On that issue, claims 7, 14, and 19 stand or fall with claim 1. 

4. Claims 8, 15, & 20 Are Non-Ob vious Over the Rejection of Record 

Claims 8, 15, and 20 were rejected under 35 U.S.C. § 103 as being unpatentable over 
Baum and Official Notice. In particular, the Patent Office alleges that network address 
translation (NAT) processes are well known to those in the art. Assuming, arguendo, that this 
assertion is correct, the Patent Office still has not provided any evidence to support the 
motivation to combine Baum and the NAT process. Specifically, the Patent Office asserts that it 
would have been obvious to one of ordinary skill in the art to translate any IP addresses, TCP 
port numbers, or UDP port numbers contained at layer 7, to allow IP packets received from the 
outside to reach their destination, specifically, by the types of content and session request such as 
FTP, gopher, or telnet, on the internal network guarded by the firewall. 7 While this statement is 
an interesting observation the Federal Circuit requires more. Specifically, the Patent Office is 
required to support articulated motivations to combine references (such as Baum and the asserted 
fact of the Official Notice) with actual evidence. The range of sources that may be used is broad, 
but that docs not diminish the requirement for actual evidence. In re Dembiczak. Since the 
Patent Office has not supported the asserted motivation with actual evidence, the motivation is 



6 Office Action of January 27, 2005, page 10, lines 9-14. 

7 Office Action of January 27, 2005, page 11, lines 1-7. 
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improper. Since the motivation to combine Baum and the NAT process is improper, the 
combination is improper. Since Lhe combination is improper, the rejection of claims 8, 15, and 
20 is improper. Appellant requests that the Board reverse the Examiner and instruct the 
Examiner to allow claims 8, 15, and 20 on this basis. On this issue, claims 8, 15, and 20 stand or 
fall together, but separately from the other claims. 

Claims 8, 15, and 20 are allowable for a second independent reason. Specifically, 
Appellant timely traversed the Patent Office's assertion that NAT on layer 7 is well known in the 
Response filed March 24, 2005. The Advisory Action of May 5, 2005 is silent as to where there 
is any evidence that NAT on layer 7 is known. Since the Patent Office has not shown where 
NAT on layer 7 is taught or suggested, the Patent Office has not shown a claim element. Since 
the references individually do not teach or suggest the claim element, the combination does not 
teach or suggest the claim element. Since the combination does not teach or suggest a claim 
element, the combination does not establish prima facie obviousness. Since the combination 
does not establish prima facie obviousness, claims 8, 15, and 20 are allowable. Appellant 
requests that the Board reverse the Examiner and instruct the Examiner to allow claims 8, 15, 
and 20 on this basis. On this issue, claims 8, 15, and 20 stand or fall together, but separately 
from the other claims. 

Claims 8, 15, and 20 are also allowable for the reasons discussed in the § 102 rejection. 
Specifically, Baum does not teach or suggest the application proxy of the underlying independent 
claim. On that issue, claims 8, 15, and 20 stand or fall with claim 1. 

5. The Rejection of Claims 9, 16 and 21 is Improper 

Claims 9, 16, and 21 were rejected under 35 U.S.C. § 103 as being unpatentable over 
Baum and Official Notice. In particular, the Patent Office alleges that NAT processes are well 
known to those skilled in the art. Assuming, arguendo, that this assertion is correct, the Patent 
Office still has not provided any evidence to support the motivation to combine Baum and the 
asserted fact of the Official Notice. Specifically, the Patent Office asserts that it would have 
been obvious to one of ordinary skill in the art to apply a NAT policy to the firewall of Baum to 
allow IP packets received from the outside to reach their destination on the internal network 
guarded by the firewall, 8 While this statement is an interesting observation, the Federal Circuit 
requires more. Specifically, the Patent Office is required to support articulated motivations to 

8 Office Action of January 27, 2005, page 9, lines 5-8. 
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combine references with actual evidence. The range of sources that may be used is broad, but 
that does not diminish the requirement for actual evidence. In re Dembiczak. Since the Patent 
Office has not supported the asserted motivation with actual evidence, the motivation is 
improper. Since the motivation to combine Baum and the NAT process is improper, the 
combination is improper. Since the combination is improper, the rejection of claims 9, 16, and 
21 is improper. Appellant requests that the Board reverse the Examiner and instruct the 
Examiner to allow claims 9 7 16, and 21 on this basis. On this issue, claims 9, 16, and 21 stand or 
fall together, but separately from the other claims. 

Claims 9, 16, and 21 are also allowable for the reasons discussed in the § 102 rejection. 
Specifically, Baum does not teach or suggest the application proxy of the underlying independent 
claim. On that issue, claims 9, 16, and 21 stand or fall with claim 1. 

E. Conclusion 

Baum docs not show the application proxy interoperating with the packet filter as recited 
in the claims. While the Patent Office has construed a control processor to be the application 
proxy, this control processor docs not perform the functions recited in the claims. Since Baum 
does not teach the claimed arrangement or functions, Baum cannot anticipate the claims. 
Additionally, the Patent Office has not provided the requisite actual evidence to combine Baum 
with the various asserted facts set forth in the Official Notices. Since the Patent Office has not 
provided the requisite actual evidence, the combinations proposed by the Patent Office are 
improper, and the rejections based on the improper combinations are improper. Appellant 
requests that the Board reverse the Examiner's rejections and instruct the Examiner to allow the 
claims. 
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(8) CLAIMS APPENDIX 

L A firewall for Internet protocol packets carrying data for a real-time Internet application, each 
of said Internet protocol packets being associated with any one of a signaling channel a control 
channel, or a bearer channel of said real-time Internet application, the firewall comprising: 
an application proxy and a packet filter, 

the Firewall applying the Internet protocol packets associated with the signaling channel 
and the control channel to the application proxy, and the firewall applying the Internet protocol 
packets associated with the bearer channel to the packet filter. 

2. The firewall of claim 1 wherein said real-time Internet application is Voice over Internet 
Protocol (VoIP). 

3. The firewall of claim 1 wherein said real-time Internet application is fax over Internet. 

4. The firewall of claim 1 wherein said real-time Internet application is video over Internet. 

5. The firewall of claim 1 wherein said real-time Internet application is voice messaging 
over Internet, 

6. The firewall of claim 1 wherein the application proxy instructs the packet filter as to 
which Internet protocol packets associated with a particular bearer channel to enable and disable 
for the duration of a session of said real-time Internet application. 

7. The firewall of claim 1 further including a Network Address Translation (NAT) process 
to translate any Internet Protocol (IP) addresses, Transmission Control Protocol (TCP) port 
numbers or User Datagram Protocol (UDP) port numbers contained at layer 3 and layer 4 of the 
Internet protocol packets associated with the signaling channel, the control channel and the 
bearer channel. 

8. The firewall of claim 1 further including a Network Address Translation (NAT) process 
to translate any Internet Protocol (IP) addresses, Transmission Control Protocol (TCP) port 
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numbers or User Datagram Protocol (UDP) port numbers contained at layer 7 of the Internet 
protocol packets associated with the signaling channel and the control channel. 

9. The firewall of claim 8 wherein said application proxy instructs said NAT process to 
operate for the duration of a session of said real-time Internet application independent of data 
traffic flow. 

10. The firewall of claim 1 further including a control logic process for specifying the 
operating parameters of the firewall. 

11. The firewall of claim 1 wherein said application proxy and said packet filter are housed 
in any one of a dual homed commercial workstation, a general purpose workstation, a dedicated 
firewall appliance, or an application specific integrated circuit. 

12. A method of protecting a computer network transmitting and receiving Internet protocol 
packets formatted in accordance with a real-time Internet protocol, each of said Internet protocol 
packets being associated with any one of a signaling channel, a control channel, or a bearer 
channel, the method comprising the steps of: 

u receiving a stream of Internet protocol packets, 

ii. applying the Internet protocol packets associated with the signaling channel and 
the control channel to an application proxy, and 

iii. applying the Internet protocol packets associated with the bearer channel to a 
packet filter. 

13. The method of claim 12 further comprising the step of the application proxy instructing 
the packet filter as to which bearer channels to enable and disable for the duration of an Internet 
application session utilizing said real-time Internet protocol. 

14. The method of claim 12 further comprising the step of applying a NAT process to 
translate any Internet Protocol (IP) addresses, Transmission Control Protocol (TCP) port 
numbers or User Datagram Protocol (UDP) port numbers contained at layer 3 and layer 4 of the 
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Internet protocol packets associated with the signaling channel, the control channel and the 
bearer channel. 

15. The method of claim 12 further comprising the step of applying a NAT process to 
translate any Internet Protocol (IP) addresses, Transmission Control Protocol (TCP) port 
numbers or User Datagram Protocol (UDP) port numbers contained at layer 7 of the Internet 
protocol packets associated with the signaling channel and the control channel. 

16. The method of claim 14 further comprising the step of the application proxy instructing 
the NAT process to operate for the duration of an Internet application session utilizing said real- 
time Internet protocol independent of data traffic flow. 

17. A computer readable medium containing computer instructions for protecting an Internet 
Protocol network transmitting and receiving Internet protocol packets formatted in accordance 
with a real-time Internet protocol, each of said Internet protocol packets being associated with 
any one of a signaling channel, a control channel, or a bearer channel, said computer readable 
medium comprising computer program code, executable by a computer, for: 

i. receiving a stream of Internet protocol packets, 

ii. applying the Internet protocol packets associated with the signaling channel and 
the control channel to an application proxy, and 

iii. applying the Internet protocol packets associated with the bearer channel to a 
packet filter. 

18. The computer readable medium of claim 17 further comprising computer program code, 
executable on a computer, for the application proxy to instruct the packet filter as to which 
bearer channels to enable and disable for the duration of an Internet application session utilizing 
said real-time Internet protocol. 

19. The computer readable medium of claim 17 further comprising computer program code, 
executable on a computer, for a NAT process, and for applying the NAT process to translate any 
Internet Protocol (IP) addresses, Transmission Control Protocol (TCP) port numbers or User 
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Datagram Protocol (UDP) port numbers contained at layer 3 and layer 4 of the Internet protocol 
packets associated with the signaling channel, the control channel and the bearer channel. 

20. The computer readable medium of claim 17 further comprising computer program code, 
executable on a computer, for a NAT process, and for applying the NAT process to translate any 
Internet Protocol (IP) addresses, Transmission Control Protocol (TCP) port numbers or User 
Datagram Protocol (UDP) port numbers contained at layer 7 of the Internet protocol packets 
associated with the signaling channel and the control channel. 

2L The computer readable medium of claim 19 further comprising computer program code, 
executable on a computer, for the application proxy to instruct the NAT process to operate for 
the duration of an Internet application session utilizing said real-time Internet protocol 
independent of data traffic flow. 
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(9) EVIDENCE APPENDIX 

Appellant does not rely on any evidence to sustain the current appeal. Therefore, this 
section is not applicable to the current appeal. 
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(10) BELATED PROCEEDINGS APPENDIX 

As there are no related appeals or interferences, this section is not applicable. 
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